With the rapid development of Internet technology and the popularization of multicast, group-oriented applications, such as video conference, network games, and video on demand, etc., play more and more important roles. How to protect the communication security of these applications is a critical problem. A secure group communication system should not only provide data confidentiality, user authentication, and information integrity, but also good scalability. For a secure group communication system, a secure, efficient, and robust group key management approach is essential.
These days, there are various approaches in key management of the secure group communication. The typical schemes are for example Group Key Management Protocol (GKMP), Secure Lock (SL), Logical Key Hierarchy (LKH), etc.
Group Key Management Protocol (GKMP) is a scheme that extends directly from unicast to multicast communication. In this scheme, it is assumed that a secure channel exists between the Group Controller (GC) and each group member. Initially, the GC selects a group key K0 and distributes this key to all group members via the secure channel. When a new member joins, the GC selects a new group key KN, and encrypts the new group key with the old group key to obtain K′=EKN(K0), then broadcasts K′ to the entire group. Moreover, the GC sends KN to the joining new member via the secure channel between the GC and the new member. Obviously, this scheme is not scalable, and there is no solution to keep the forward secrecy property when a member leaves the group, except to recreate an entirely new group without containing that member.
The Secure Lock (SL) scheme takes advantage of Chinese Remainder Theorem (CRT) to construct a secure lock to combine all the re-keying messages into one when the group key is updated. However, the CRT is a time-consuming operation. The SL scheme is efficient only when the number of users in a group is small, since the time to compute the lock and the length of the lock (hence the transmission time) is proportional to the number of users.
The Logical Key Hierarchy (LKH) scheme adopts tree structure to organize keys. The GC maintains a virtual tree, and the nodes in the tree are assigned keys. The key held by the root of the tree is the group key. The internal nodes of the tree hold key encryption keys (KEK). Keys at leaf nodes are possessed by different members. Each member is assigned the keys along the path from its leaf to the root. When a member joins or leaves the group, its parent node's KEK and all KEKs held by nodes in the path to the root should be changed. Therefore, the number of keys which need to be changed for a joining or leaving is O(2×log2 n), and the number of encryptions is O(2×log2 n). If a great deal of members join or leave the group, then the re-keying overhead will increase proportionally to the number of members changed. In addition, there are some other schemes that adopt tree structures, for example, OFT (One-way Function Tree), OFCT (One-way Function Chain Tree), Hierarchical a-ary Tree with Clustering, Efficent Large-Group Key, etc. These schemes are similar to the LKH or can be regarded as improvements to the LKH.